OpenBSD Journal

Preventing the next Heartbleed

Contributed by tbert on from the keys-to-the-kingdom dept.

An Anonymous Coward writes in to tell us about sightings of secrets-related privsep in the wild:

The developer known by the pseudonym insane coder, who authored the popular pro-LibreSSL review LibreSSL: The good and the bad, has presented a solution for preventing common coding mistakes resulting in another Heartbleed:

To protect against exploiting such bugs, one should ensure that buffer overflows do not have access to memory containing private data. The memory containing private keys and similar kinds of data should be protected, meaning nothing should be allowed to read from them, not even the web server itself.

He then talks about using memory protection and process separation to isolate a server's private keys from anything which can be exploited to send them over the network.

This technique has already been utilized in an stunnel-like server, and it remains to be seen when others will follow.

Thanks for the tip, Anonymous Coward!

Astute readers will note that this technique has already been utilized in relayd(8) and smtpd(8).
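The separation described above, sketched as an added example (not code from insane coder's server, relayd(8) or smtpd(8)): a key-holder process answers signing requests over a socketpair, so the network-facing process never has the key in its address space. The names `toy_sign`, `privsep_start` and `privsep_sign` and the 0x42 key are hypothetical, and the keyed FNV-1a hash is only a stand-in for a real private-key operation, not cryptography.

```c
#include <stdint.h>
#include <string.h>
#include <sys/socket.h>
#include <sys/wait.h>
#include <unistd.h>

/* Stand-in for a private-key operation: keyed FNV-1a. NOT real crypto. */
static uint64_t toy_sign(const unsigned char *key, size_t klen,
                         const unsigned char *msg, size_t mlen) {
    uint64_t h = 1469598103934665603ULL;            /* FNV-1a offset basis */
    for (size_t i = 0; i < klen + mlen; i++)
        h = (h ^ (i < klen ? key[i] : msg[i - klen])) * 1099511628211ULL;
    return h;
}

/* Key holder: the only process whose memory ever contains the key. */
static void keyholder(int fd) {
    unsigned char key[16], msg[256];
    ssize_t n;
    memset(key, 0x42, sizeof key); /* constructed key; a real one is loaded here, after fork */
    while ((n = read(fd, msg, sizeof msg)) > 0) {
        uint64_t sig = toy_sign(key, sizeof key, msg, (size_t)n);
        if (write(fd, &sig, sizeof sig) != (ssize_t)sizeof sig) break; /* only results leave */
    }
    _exit(0); /* peer closed its end (or I/O failed): key memory goes away with the process */
}

/* Fork the key holder; return the request socket for the network-facing side. */
int privsep_start(pid_t *pid) {
    int sv[2];
    if (socketpair(AF_UNIX, SOCK_SEQPACKET, 0, sv) == -1) return -1;
    if ((*pid = fork()) == -1) { close(sv[0]); close(sv[1]); return -1; }
    if (*pid == 0) { close(sv[0]); keyholder(sv[1]); } /* child never returns */
    close(sv[1]);
    return sv[0];
}

/* Called in the exposed process: it can request signatures but cannot read the key. */
int privsep_sign(int fd, const void *msg, size_t len, uint64_t *sig) {
    if (len == 0 || len > 256 || write(fd, msg, len) != (ssize_t)len) return -1;
    return read(fd, sig, sizeof *sig) == (ssize_t)sizeof *sig ? 0 : -1;
}

int main(void) { /* demo: one request, then shut the key holder down */
    pid_t pid; uint64_t sig;
    int fd = privsep_start(&pid);
    if (fd == -1 || privsep_sign(fd, "hello", 5, &sig) == -1) return 1;
    close(fd);
    return waitpid(pid, NULL, 0) == pid ? 0 : 1;
}
```

An over-read in the parent, which is where a Heartbleed-style bug would live, can expose at most the messages and signatures that process already handles.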



Comments
  1. By mischief (67.169.12.116) mischief@offblast.org on

    http://plan9.bell-labs.com/sys/doc/auth.html

    it's not the first time it's been thought of.
